2000day in Safari

Transcript

1. 2000-day in Safari Anton Lopanitsyn @i_bo0om

2. phdays.com #PHDays XSS https://portswigger.net/web-security/cross-site-scripting

3. phdays.com #PHDays UXSS https://evil.com https://victim.com

4. phdays.com #PHDays Save as webpage, complete

5. phdays.com #PHDays chrome://flags

6. phdays.com #PHDays MHTML

7. phdays.com #PHDays MHTML

8. phdays.com #PHDays

9. phdays.com #PHDays Safari save as webarchive

10. phdays.com #PHDays Signed webarchive

11. phdays.com #PHDays Plaintext webarchive

12. phdays.com #PHDays Plaintext webarchive <script> … </script>

13. phdays.com #PHDays Plaintext webarchive

14. phdays.com #PHDays

15. phdays.com #PHDays https://blog.rapid7.com/2013/04/25/abusing-safaris-webarchive-file-format/

16. phdays.com #PHDays

17. phdays.com #PHDays

18. phdays.com #PHDays

19. phdays.com #PHDays

20. phdays.com #PHDays

21. phdays.com #PHDays xhtml

22. phdays.com #PHDays xhtml

23. phdays.com #PHDays file:///Users/bo0om/Library/Containers/com.apple.mail/Data/Library/Mail%20 Downloads/2F4D2013-CCBF-4341-B05E-CEB4B76F30CE/Document.xhtm file:///Users/bo0om/Downloads/33h0ygug3ulny0gvwhh3d.webarchive

24. phdays.com #PHDays

25. phdays.com #PHDays file:///Users/bo0om/Library/Containers/com.apple.mail/Data/Downloads/x.webarchive file:///Users/bo0om/Library/Containers/com.apple.mail/Downloads/x.webarchive file:///Users/bo0om/Library/Containers/Downloads/x.webarchive file:///Users/bo0om/Library/Downloads/x.webarchive file:///Users/bo0om/Downloads/x.webarchive

26. phdays.com #PHDays DEMO https://github.com/Bo0oM/Safari2000day)

27. Thank you!